phpregexjsonhtml-entitiesmagic-quotes

Plus sign disappearing on server side?

I can't look at mysql tables right now...but I don't think '+' is making it into the table.

I checked magic_guotes and it is turned on. However magic_quotes should not do anything to the '+' sign as it only relates to escaping for characters the database uses.

Also, I checked my regular expressions on the client and server (javascript and php) and there is nothing to remove '+' signs.

I also use htmlentites() but I do not believe + is an html entity and even if it was this should only make it an entity wrather than a character.

This leaves json_encode, but I was able to echo the characters back to the client before encoding and could still see there was no '+' sign.

I've checked all 5 places and can not determine where my + sign is going...it seems the mysql database is returning a space where the + sign should be.

Ajax Serialize

function ajax_serialize( form_name )
{
    var return_string='',  
        form_elements=document.forms[form_name].elements,
        iterator;  
    for(iterator = 0; iterator < form_elements.length; iterator++)
    {
        if( form_elements[iterator].name )
        {
            if( form_elements[iterator].type === 'checkbox' && form_elements[iterator].checked === false )
            {
                return_string += form_elements[iterator].name + "=0&";
            }
            else
            {
                return_string += form_elements[iterator].name + "=" + form_elements[iterator].value+"&";
            }
        }
    }
    return_string = return_string.slice( 0, -1 );
    return return_string;
}

Ajax Tweet

function interface_tweet()
{
    var form_name = 'tweet',
        response_div = form_name + '_response',
        tw_text = new Text(form_name),
        tw_message = new Message(response_div);

    if( Constant.VALIDATE_ON === 1 )
    {
        if( !tw_text.checkEmpty() ) 
        {
            tw_message.display('empty');
            return;
        }

        if( !tw_text.checkPattern('tweet') ) 
        {
            tw_message.display('tweet');
            return;
        }
    }

    Ajax.repeatUseAjaxObject( Constant.GATEWAY, ajax_serialize( 'tweet') + '&ajax_type=ControlTweet_add' , ajax_tweet ,'tweet_fill' );
    document.getElementById( 'tweet_input' ).value='';
    document.getElementById( 'tweet_response' ).innerHTML='';
}
Solution

  • This is what you should have

    return_string += encodeURIComponent(form_elements[iterator].name) + "=0&";

    and 

    return_string += encodeURIComponent(form_elements[iterator].name) + "=" 
               + encodeURIComponent(form_elements[iterator].value)+"&";

    if your form_elements[iterator].name does not have any symbols that should be encoded then you may remove encodeURIComponent for it.